I need a way to get non-deterministic random numbers on demand for my application.

However i do not wish/have the capabilities to build the hardware myself, thus I'm looking for a web service which does just that.

Basically I'm looking for a non-deterministic random number generator for my application.

Apparently my requirements is that it definitely have to take the analog world as input.

I've found one at http://random.org. It is good enough for me, However it has a cap of 200k bits (only 6250 32-bit integers!) on each IP per day.

6250 integers per day is definitely not enough for my app. So I'm searching for one that gives a better quota.

I don't mind paying to use the service (but obviously a free one would be better).

I'm not asking a useless question. In fact, applications like online Casinos will need many non-deterministic random numbers on demand. In my situation, my economics/investment game requires a true random number for good simulation. A pseudo-random number is just "not good" enough for a "good" simulation you see.

Btw please do not tell me that a pseudo-random number generator would "be good enough" for my application. It apparently isn't good enough for my situation here, which is the first, last, and only reason why I'll need a non-deterministic random number generator.

Anyway, I'm aware that any data sent through HTTP/HTTPS has risks of being eavesdropped. I'm perfectly fine with that. I need a true random number. After I've gotten the number, I'm happy. A spy can eavesdrop all he wants and I won't mind a bit.

This question appears to be off-topic. The users who voted to close gave this specific reason:

"Questions asking us to recommend a tool, library or favorite off-site resource are off-topic for Programmers as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it." – MichaelT, Justin Cave, GlenH7, gnat

The bigger question is "why" do you need a "truly" random number generator?
–
DarknightMay 17 '11 at 9:46

5

A true random generator in pure software does not exist. You can get close, at the end of the day, it won't be truely random.
–
RamhoundMay 17 '11 at 11:32

9

What do you need it for? If it's a game or something, then pseudo-random is normally good enough. If it's cryptography, they you shouldn't use a web service. You need to explain what it's for before we can point you to viable solutions.
–
Michael KohneMay 17 '11 at 13:09

Technically, there's no sufficient means to determine if a set of numbers is random. Numbers could always be 0 and it could technically happen, albeit extremely improbable. To those of you who say that that could never happen, I say, what are the chances that a random number generator will generate the exact number 20993429237112734772201092292773? Yes, in fact, extremely improbable.
–
NeilMay 17 '11 at 15:13

6 Answers
6

We provide a new quantum random number
generator (QRNG) based on the quantum
randomness of photon arrival times. It
promises provable and long term
statistical quality, speed as well as
affordability. Our design creates a
new quality in the sense that it
offers substantially higher bit rates
than previous solutions available to
the public. This has become possible
by exploiting most recent photon
timing instrumentation and
state-of-the-art data processing in
hardware.

In addition to providing high speed
(up to 150 Mbits/s over USB), the
post-processing algorithm applied to
the raw data is based on solid
predictions from information theory
which guarantee conservation of
randomness. This allows for the use of
the delivered random numbers in
unconditionally secure encryption
schemes.
[...]Access Policies
None of the served data is delivered more than once, neither to a single user nor across > independent users. Using the service is free of charge, but requires registration.

(0.o) ?! egad! I thought it was a joke, but no it really does exist :) (+1) great find
–
DarknightMay 17 '11 at 9:48

3

-1 for poor quality answer. This could very well be a great solution, but you have provided no details on the link/service, and I don't care to read the entire link for a summary. When an answer on P.SE requires a link, please provide a summary of the solution you are linking to. I will consider removing my downvote if you revise your answer.
–
CraigeMay 17 '11 at 14:59

4

@NimChimpsky - Why? Because that is how you write a quality answer on P.SE. ba__friend should have posted a brief description of the service for those reading over this question. Perhaps a quick explanation/quote as to how the service generates it's random numbers.
–
CraigeMay 17 '11 at 15:22

2

@Craige I updated the post with an excerpt from the site.
–
Anna Lear♦May 17 '11 at 20:03

What you are asking for is Holy water, and you are rejecting the suggestion that you use regular water. The only reason for preferring Holy water over water is religious. There are simple, randomly-seeded PRNGs that cannot be distinguished from true physical randomness by any known process. And these systems are non-deterministic.

A real-world computer has several sources of true physical randomness. For example, a modern x86 CPU has a 'TSC' which measures the instruction cycle count (and thus, indirectly, the time to a resolution of a billionth of a second or so).

You can capture the TSC when a network packet arrives. The low bits of the TSC will depend on the precise offset between the crystal oscillator that times the network interface and the crystal oscillator that runs the CPU. This is dependent on microscopic zone temperature variations in the two quartz crystals that are believed to be truly random.

Similarly, you can capture the TSC when data arrives from the hard drive. The low bits are dependent on turbulent airflow shearing between the hard drive surface and the case. This is also believed to be truly random.

Well-known algorithms, such as the one the Linux kernel uses (developed by Theodore Ts'o based on the work of M. Matsumoto and Y. Kurita) use the avalanche effect to convert a few unpredictable bits into a much larger number. The only differences between the outputs of these algorithms (assuming they are properly seeded by TSC data) and the output of true physical randomness is religious -- no known method can distinguish these outputs. There is no test that one will pass and the other will fail.

I have developed random number generators for online casino use that have achieved independent certification. These methods are the ones used in the real world.

I still don't understand why a cryptographic PRNG isn't good enough for your problem. A defining property of a crypto-PRNG is that it's not possible(with reasonable amounts of hardware) to distinguish its output from a true RNG.

This means it is good enough for any kind of simulation or application I can think of, apart from generation cryptographic keys or initializing the crypto PRNG itself(it obviously needs a few hundred bits of true entropy to get started).

On the other hand webservice RNGs can't be used for crypto either since

You can't prove they are actually a true PRNG since you can't distinguish their output from a PRNG

You need to trust the operator of the service

The random data is transmitted to you over lower security channel. An attacker who can break a PRNG can break SSL too.

So I can't think of a single use where one would prefer a webservice RNG over a good PRNG. If you truly need real and secure random numbers I see no alternative to building hardware yourself.

Yes i can't prove the output to be truly random. but its not that hard to trust it random.org/statistics. You seem to assume security is one of my requirement but its not. I need a random number fullstop. Not a random and secure number. (If an attacker wants to eavesdrop feel free, it wouldn't hurt)
–
PacerierMay 17 '11 at 22:43

1

It's not hard to trust a PRNG for which it has been mathematically been proven that distinguishing it from a true RNG requires solving very hard mathematical problems.
–
CodesInChaosMay 17 '11 at 22:50

@CodeInChaos is an online casino a very hard mathematical problem? It isn't, but it requires that kind of true randomness don't you think so?
–
PacerierMay 17 '11 at 22:54

2

I see no technical reasons why a good PRNG occasionally received a hundred bits of true entropy shouldn't be enough for even an online casino. There might be legal reasons, but I assume in that case you need generate your true randomness locally since this gives you better chances of proving that you're using true random numbers.
–
CodesInChaosMay 18 '11 at 6:12

7

+1 I totally agree with you. If you are creating a game that needs to generate realistic random data then you are better off with a PRNG than a truly random number generator. Firstly there is a mathematical proof that it produces statistically random data fitted to a probability distribution. Secondly you can choose that probability distribution. Thirdly you can test your application deterministically. Fourthly you can choose the seed at start up so that it never behaves the same way twice. Personally I think the OP doesn't actually understand what randomness means, or why he needs it.
–
user23157May 23 '11 at 12:48

Several years ago you could call SGI's lavarand which generated random numbers by using the current blob shape and postion of a lava lamp being watched by a webcam.

Though it's gone now you can easily create your own generator with a webcam and the open source code from the fine folks at LavaRnd (EDIT: down for some time now. Wayback MachineSourceforge Project). It turns out that you don't need the lava lamp at all: the noise picked up by the CCD while the webcam is sealed in a light-proof container is a great source for generating cryptographically sound random numbers.

(I know this isn't a service you can use now, but because it used to be, because it was so cool, and because you can create a nearly free one very easily, I figured it was worthy of being an answer.)

but surely over time the "random" noise generated by the webcam would fit a normal distribution? I don't know would like it clarified?
–
DarknightMay 17 '11 at 12:45

4

@Darknight: What does the distribution have to do with randomness? It's possible to generate deterministic sequences to match any distribution, and it's possible for random numbers to fit any distribution.
–
David ThornleyMay 17 '11 at 15:09

2

@Darknight As David notes, whether or not the numbers eventually fit a normal distribution doesn't affect the randomness. If you're interested in what is required to make a random number generator cryptographically sound (or crypto strong), the LavaRnd guys have a ton of "stat nerd" info and links on their site, along with how they relate to LavaRnd.
–
Matthew FrederickMay 17 '11 at 17:13

Seriously there's no way to create one easily Matthew. How exactly do you define easy?
–
PacerierMay 17 '11 at 19:59

2

@Pacerier You're right that "easy" is a matter of perspective. This method is easy if you have access to your server and finding a suitable webcam doesn't take long -- a $10 "buy it now" on ebay, say. That leaves attaching the camera; downloading, compiling, and running the free software; and adding a call to the service in your code. Not trivial, but pretty easy, extremely inexpensive, and provides an unlimited number of requests.
–
Matthew FrederickMay 17 '11 at 21:03

I hope this isn't how you are actually generating random numbers.
–
CraigeMay 17 '11 at 15:55

9

The point of my (mildly sarcastic) answer is that the entropy in the time it takes packets to travel is worth a lot more than a "random" number whose entropy you trust to a third-party server.
–
R..May 17 '11 at 16:04

5

@Pacerier: Nobody intelligent writes their own crypto, unless they're an expert. That's different from sending your plaintext to a web service and getting ciphertext back. Similarly, you probably don't want to try to design your own quantum randomness system, but getting random numbers shipped to you through HTTP isn't reliable.
–
David ThornleyMay 17 '11 at 20:30

1

@Pacerier But you still haven't shown why the alternative of using a local PRNG with occasional entropy injection(from local entropy sources) is not possible.
–
CodesInChaosMay 18 '11 at 8:42

1

@Pacerier: trust me on this: you don't need genuine random numbers for economics simulations. A good pseudo- (or quasi-, if you care about the even distribution) random generator will be enough. The problems lie elsewhere (for example: you want the numbers to be uncorrelated in many dimensions -- how do you know that the webservice you use even bothers to check how their numbers fill a 20-dimensional space?).
–
quant_devMay 18 '11 at 11:45

Researchers at the ANU are generating true random numbers from a
physical quantum source. We do this by splitting a beam of light into
two beams and then measuring the power in each beam. Because light is
quantised, the light intensity in each beam fluctuates about the mean.
Those fluctuations, due ultimately to the quantum vacuum, can be
converted into a source of random numbers.